Simply knowing your customer isn’t enough anymore; to keep pace with modern threats, perpetual know-your-customer practices will enable organizations to manage risk. Moody’s Keith Berry tells companies everything they need to know about pKYC and argues for a mindset-shift in many organizations.
Organizations have to protect themselves from fluctuating risk levels and new financial crime threats. For many compliance teams, traditional know-your-customer (KYC) methods can’t keep pace with these demands, which has resulted in the emergence of perpetual KYC (pKYC). Through continuous monitoring, pKYC enables changes in customer risk levels to be flagged and acted on in near real-time.
Despite its promise, many working in compliance still have a limited understanding of what pKYC is, how it works and how it can be implemented. Yet with the need to build more robust compliance processes, more and more organizations are investigating how to adopt pKYC and better understand how it can benefit the organization.
What is pKYC?
pKYC is an evolution of traditional KYC risk monitoring, which is a set of measures used to understand risk associated with a customer or supplier so decisions can be made about whether to work with them.
KYC at onboarding seeks to understand risk related to a new customer or third party, and then monitoring takes place throughout the lifecycle of the relationship. Monitoring has traditionally been conducted at set timeframes in KYC processes.
Organizations often take one of two approaches to KYC, with an offensive or defensive mindset. Organizations with a defensive mindset view compliance purely as a way to reduce risk and adhere to regulations. Those with an offensive approach view KYC and compliance as tools to build a better relationship with customers and better experiences, on top of viewing them as a method for mitigating risk. This is primarily done by building KYC processes that streamline the compliance experience.
pKYC takes this a step further, continuously reviewing counterparty risk and minimizing the input required from customers and third parties in the process. Enhanced due diligence is conducted only when it needs to be done, prompted by events and changes in risk levels that are flagged in near-real-time. Continuous monitoring creates a more complete risk picture across a business network that’s available all the time — not at a point in time.
The Russian invasion of Ukraine continues with no signs of a resolution, and along with the protracted conflict, the U.S. has continued to issue fresh sanctions against Russian interests. For firms and organizations, compliance could mean embracing perpetual KYC procedures, writes Fenergo’s Rory Doyle.Read more
The need for pKYC
Effective compliance is dependent on analyzing the right data and acting on the insight it provides. Yet with the amount of data available and constantly growing, it has become increasingly difficult for compliance professionals to process risk-relevant data efficiently and conduct KYC effectively.
The current pace of change in the risk landscape means compliance professionals will struggle to keep up using manual means or periodic automated monitoring. The risk profile of a customer can change in an instant, requiring the attention of compliance professionals. pKYC means time can be saved by not conducting due diligence on customers where nothing has changed and action can be taken on new threats.
For many organizations, a cultural change is required to fully support the implementation of pKYC. To invest in the necessary technology for automated compliance, KYC needs to be recognized as a value driver. By viewing it as a tool to enhance customer experience, streamlining onboarding and reducing time spent on risk monitoring across the relationship lifecycle, pKYC can help drive efficiency and value.
The future of compliance
Organizations with a proactive, offensive approach to risk management and compliance will already be evolving from KYC to pKYC. Businesses can use pKYC to focus resources, drive efficiency, face changing risks and improve compliance experiences. Additionally, it means compliance professionals can process and rely on current, accurate, integrated data to make risk-based decisions about whom to work with.